Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3865144pxb; Tue, 17 Nov 2020 05:43:23 -0800 (PST) X-Google-Smtp-Source: ABdhPJxH7VjlCeTV85slhv1F1m6n/Ybn7Amp6pMJW2z3c3oc45dxHfI4p3LXqxbLvvyfKi9CNtos X-Received: by 2002:a17:906:3102:: with SMTP id 2mr21111611ejx.135.1605620603633; Tue, 17 Nov 2020 05:43:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605620603; cv=none; d=google.com; s=arc-20160816; b=nbhHVLvGkl3Fv1i6+f2pAfJsSY1tP1vKzzAj2E3pwNNIx5lyeXgtdZIipELV09LG11 TMEb7CpQIFQ6Vpdi7jr2yGgqdsBQgiNjJu4YNRhm9ulAyw6u3YG6WCXiU08HY+9DCmPi ZDljY6JgNIP2IWeVonWRQNroNYUIAQnU/UKa5Vghovhusl6nI1obhMBZuE90BGSqaGFs 2Z9sRIdJOJ69MD0H2I3ut01FEqhtD1KGx8sAZJzX34uqeqExwAnVTwUAekIIw5ghLcYU W4i8PiIj8JmyCkxnJh6LqtQlc/1EOdM7l7OLZi2UuBsSErGm6ccvzCEXmu5I/51sPVX9 h0iA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=KnYxEf7B9FmIFWVJHzpU+Y0es3UrlDA11suAlPxO2HQ=; b=L986TvhWjZAY20CJ0fMnBIKrjP5AnUiWoE9AcGWlv/kVEFRJ7KmyXesY+bL5rQRct2 3fdxE+TJbl0ta2TZl6vuEQgp999f0gof8csGgl7ZpT8H5LNcdQqqiIRMXVjyqDgbmU1Z sdNy+gUnOogmr4Khwz3D6vig2CTJoPpC9hbF6NDp4op8pl03wIizGk9RSw7gBuj+pRvw LAeh8aFy9jpvGWJmSJ4ANrqIKS8qFg4W0sCyJpBAHK7ArItVbH6oawBKlM9SWLy2JzhN u6lSx/TFP3ovVRpbB/AMs99ktHe+O4ZOX6r+lopNfcY2q1RXg+j8NErREMb+8gGxItbw HCKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Cef4g+Rt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k7si12949037ejp.590.2020.11.17.05.43.00; Tue, 17 Nov 2020 05:43:23 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Cef4g+Rt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732759AbgKQNjk (ORCPT + 99 others); Tue, 17 Nov 2020 08:39:40 -0500 Received: from mail.kernel.org ([198.145.29.99]:51106 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732591AbgKQNjP (ORCPT ); Tue, 17 Nov 2020 08:39:15 -0500 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A716F2465E; Tue, 17 Nov 2020 13:39:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1605620355; bh=6xIVdoNgZoWC6tzLVOF77nlZPtiQx9E/Uga/w8SgLu4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Cef4g+RtCkqhkiANZAiJq6RykjNbNwH/5D5MyXLu9RmpLGtMU///eEQvH0izQHmLO Z8NMZAWeKhCL5Tma4ncGkepHGFqcEowkuRIMOGBfax0cRy8R48nOYIiklz0v2Z8v1l keUifZzvvbaoOT0LgNszCOSYU257DRMZrAorP8SM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Darrick J. Wong" , Christoph Hellwig , Sasha Levin Subject: [PATCH 5.9 160/255] xfs: fix rmap key and record comparison functions Date: Tue, 17 Nov 2020 14:05:00 +0100 Message-Id: <20201117122146.733686471@linuxfoundation.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20201117122138.925150709@linuxfoundation.org> References: <20201117122138.925150709@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Darrick J. Wong [ Upstream commit 6ff646b2ceb0eec916101877f38da0b73e3a5b7f ] Keys for extent interval records in the reverse mapping btree are supposed to be computed as follows: (physical block, owner, fork, is_btree, is_unwritten, offset) This provides users the ability to look up a reverse mapping from a bmbt record -- start with the physical block; then if there are multiple records for the same block, move on to the owner; then the inode fork type; and so on to the file offset. However, the key comparison functions incorrectly remove the fork/btree/unwritten information that's encoded in the on-disk offset. This means that lookup comparisons are only done with: (physical block, owner, offset) This means that queries can return incorrect results. On consistent filesystems this hasn't been an issue because blocks are never shared between forks or with bmbt blocks; and are never unwritten. However, this bug means that online repair cannot always detect corruption in the key information in internal rmapbt nodes. Found by fuzzing keys[1].attrfork = ones on xfs/371. Fixes: 4b8ed67794fe ("xfs: add rmap btree operations") Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig Signed-off-by: Sasha Levin --- fs/xfs/libxfs/xfs_rmap_btree.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/fs/xfs/libxfs/xfs_rmap_btree.c b/fs/xfs/libxfs/xfs_rmap_btree.c index beb81c84a9375..577a66381327c 100644 --- a/fs/xfs/libxfs/xfs_rmap_btree.c +++ b/fs/xfs/libxfs/xfs_rmap_btree.c @@ -243,8 +243,8 @@ xfs_rmapbt_key_diff( else if (y > x) return -1; - x = XFS_RMAP_OFF(be64_to_cpu(kp->rm_offset)); - y = rec->rm_offset; + x = be64_to_cpu(kp->rm_offset); + y = xfs_rmap_irec_offset_pack(rec); if (x > y) return 1; else if (y > x) @@ -275,8 +275,8 @@ xfs_rmapbt_diff_two_keys( else if (y > x) return -1; - x = XFS_RMAP_OFF(be64_to_cpu(kp1->rm_offset)); - y = XFS_RMAP_OFF(be64_to_cpu(kp2->rm_offset)); + x = be64_to_cpu(kp1->rm_offset); + y = be64_to_cpu(kp2->rm_offset); if (x > y) return 1; else if (y > x) @@ -390,8 +390,8 @@ xfs_rmapbt_keys_inorder( return 1; else if (a > b) return 0; - a = XFS_RMAP_OFF(be64_to_cpu(k1->rmap.rm_offset)); - b = XFS_RMAP_OFF(be64_to_cpu(k2->rmap.rm_offset)); + a = be64_to_cpu(k1->rmap.rm_offset); + b = be64_to_cpu(k2->rmap.rm_offset); if (a <= b) return 1; return 0; @@ -420,8 +420,8 @@ xfs_rmapbt_recs_inorder( return 1; else if (a > b) return 0; - a = XFS_RMAP_OFF(be64_to_cpu(r1->rmap.rm_offset)); - b = XFS_RMAP_OFF(be64_to_cpu(r2->rmap.rm_offset)); + a = be64_to_cpu(r1->rmap.rm_offset); + b = be64_to_cpu(r2->rmap.rm_offset); if (a <= b) return 1; return 0; -- 2.27.0